
WireGuard behind FortiGate

Hey all,


I have a little issue with getting DNS working correctly when a user connects through the WireGuard VPN. At our local site we have a WireGuard server running behind our FortiGate firewall. Our LAN is using and the WireGuard LAN is 

To get it up and running I have set up a virtual IP from our public IP to the IP of the WireGuard server on our LAN, with port forwarding for the listen port. For access to the LAN I have created a static route from to using the WireGuard server IP as gateway. I have also created a policy so the traffic is handled correctly.


The tunnel is working and a user can connect to the WireGuard server and ping our LAN devices. However, DNS is not working. In the WireGuard client I have set up DNS to and but that doesn't seem to be working. Does anyone know how I can get DNS to work properly in this situation? Is there anything else I have to configure on the FortiGate?




Hi Team,


If you are able to access servers through ping, you will be able to access through DNS as well.

Please execute this command in the WireGuard client:


See which DNS server it is showing in the command prompt.

Also, try installing Wireshark on the client machine and see which server the packets are going to.

That should isolate the issue.

